CISSP Sybex Official Study Guide Chapter 20 Review Questions Flashcards

1
Q

Which one of the following tools is used primarily to perform network discovery scans?

A. Nmap
B. Nessus
C. Metasploit
D. lsof

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 693). Wiley. Kindle Edition.

A

A. Nmap

Explanation:
Nmap is a network discovery scanning tool that reports the open ports on a remote system.

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 973). Wiley. Kindle Edition.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Adam recently ran a network port scan of a web server running in his organization. He ran the scan from an external network to get an attacker’s perspective on the scan. Which one of the following results is the greatest cause for alarm?

A. 80/open
B. 22/filtered
C. 443/open
D. 1433/open

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 693). Wiley. Kindle Edition.

A

D. 1433/open

Explanation:
Only open ports represent potentially significant security risks. Ports 80 and 443 are expected to be open on a web server. Port 1433 is a database port and should never be exposed to an external network.

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 973). Wiley. Kindle Edition.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Which one of the following factors should not be taken into consideration when planning a security testing schedule for a particular system?

A. Sensitivity of the information stored on the system
B. Difficulty of performing the test
C. Desire to experiment with new testing tools
D. Desirability of the system to attackers

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 693). Wiley. Kindle Edition.

A

C. Desire to experiment with new testing tools

Explanation:
The sensitivity of information stored on the system, difficulty of performing the test, and likelihood of an attacker targeting the system are all valid considerations when planning a security testing schedule. The desire to experiment with new testing tools should not influence the production testing schedule.

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 973). Wiley. Kindle Edition.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Which one of the following is not normally included in a security assessment?

A. Vulnerability scan
B. Risk assessment
C. Mitigation of vulnerabilities
D. Threat assessment

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 693). Wiley. Kindle Edition.

A

C. Mitigation of vulnerabilities

Explanation:
Security assessments include many types of tests designed to identify vulnerabilities, and the assessment report normally includes recommendations for mitigation. The assessment does not, however, include actual mitigation of those vulnerabilities.

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 974). Wiley. Kindle Edition.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Who is the intended audience for a security assessment report?

A. Management
B. Security auditor
C. Security professional
D. Customers

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 693). Wiley. Kindle Edition.

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 693). Wiley. Kindle Edition.

A

A. Management

Explanation:
Security assessment reports should be addressed to the organization’s management. For this reason, they should be written in plain English and avoid technical jargon.

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 974). Wiley. Kindle Edition.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Beth would like to run an nmap scan against all of the systems on her organization’s private network. These include systems in the 10.0.0.0 private address space. She would like to scan this entire private address space because she is not certain what subnets are used. What network address should Beth specify as the target of her scan?

A. 10.0.0.0/0
B. 10.0.0.0/8
C. 10.0.0.0/16
D. 10.0.0.0/24

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 693). Wiley. Kindle Edition.

A

B. 10.0.0.0/8

Explanation:
B. The use of an 8-bit subnet mask means that the first octet of the IP address represents the network address. In this case, that means 10.0.0.0/8 will scan any IP address beginning with 10.

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 974). Wiley. Kindle Edition.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Alan ran an nmap scan against a server and determined that port 80 is open on the server. What tool would likely provide him the best additional information about the server’s purpose and the identity of the server’s operator?

A. SSH
B. Web browser
C. telnet
D. ping

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 694). Wiley. Kindle Edition.

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 694). Wiley. Kindle Edition.

A

B. Web browser

Explanation:
The server is likely running a website on port 80. Using a web browser to access the site may provide important information about the site’s purpose.

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 974). Wiley. Kindle Edition.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What port is typically used to accept administrative connections using the SSH utility?

A. 20
B. 22
C.25
D. 80

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 694). Wiley. Kindle Edition.

A

B. 22

Explanation:
The SSH protocol uses port 22 to accept administrative connections to a server.

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 974). Wiley. Kindle Edition.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Which one of the following tests provides the most accurate and detailed information about the security state of a server?

A. Unauthenticated scan
B. Port scan
C. Half-open scan
D. Authenticated scan

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 694). Wiley. Kindle Edition.

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 694). Wiley. Kindle Edition.

A

D. Authenticated scan

Explanation:
Authenticated scans can read configuration information from the target system and reduce the instances of false positive and false negative reports.

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 974). Wiley. Kindle Edition.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What type of network discovery scan only follows the first two steps of the TCP handshake?

A. TCP connect scan
B. Xmas scan
C. TCP SYN scan
D. TCP ACK scan

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 694). Wiley. Kindle Edition.

A

C. TCP SYN scan

Explanation:
The TCP SYN scan sends a SYN packet and receives a SYN ACK packet in response, but it does not send the final ACK required to complete the three-way handshake.

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 974). Wiley. Kindle Edition.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Matthew would like to test systems on his network for SQL injection vulnerabilities. Which one of the following tools would be best suited to this task?

A. Port scanner
B. Network vulnerability scanner
C. Network discovery scanner
D. Web Vulnerability Scanner

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 694). Wiley. Kindle Edition.

A

D. Web Vulnerability Scanner

Explanation:
D. SQL injection attacks are web vulnerabilities, and Matthew would be best served by a web vulnerability scanner. A network vulnerability scanner might also pick up this vulnerability, but the web vulnerability scanner is specifically designed for the task and more likely to be successful.

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 974). Wiley. Kindle Edition.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Badin Industries runs a web application that processes e-commerce orders and handles credit card transactions. As such, it is subject to the Payment Card Industry Data Security Standard (PCI DSS). The company recently performed a web vulnerability scan of the application and it had no unsatisfactory findings. How often must Badin rescan the application?

A. Only if the application changes
B. At least monthly
C. At least annually
D. There is no rescanning requirement.

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (pp. 694-695). Wiley. Kindle Edition.

A

C. At least annually

Explanation:
PCI DSS requires that Badin rescan the application at least annually and after any change in the application.

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 974). Wiley. Kindle Edition.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Grace is performing a penetration test against a client’s network and would like to use a tool to assist in automatically executing common exploits. Which one of the following security tools will best meet her needs?

A. nmap
B. Metasploit
C. Nessus
D. Snort

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 695). Wiley. Kindle Edition.

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 695). Wiley. Kindle Edition.

A

B. Metasploit

Explanation:
Metasploit is an automated exploit tool that allows attackers to easily execute common attack techniques.

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 974). Wiley. Kindle Edition.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Paul would like to test his application against slightly modified versions of previously used input. What type of test does Paul intend to perform?

A. Code review
B. Application vulnerability review
C. Mutation fuzzing
D. Generational fuzzing

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 695). Wiley. Kindle Edition.

A

C. Mutation fuzzing

Explanation:
Mutation fuzzing uses bit flipping and other techniques to slightly modify previous inputs to a program in an attempt to detect software flaws.

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 974). Wiley. Kindle Edition.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Users of a banking application may try to withdraw funds that don’t exist from their account. Developers are aware of this threat and implemented code to protect against it. What type of software testing would most likely catch this type of vulnerability if the developers have not already remediated it?

A. Misuse case testing
B. SQL injection testing
C. Fuzzing
D. Code review

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 695). Wiley. Kindle Edition.

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 695). Wiley. Kindle Edition.

A

A. Misuse case testing

Explanation:
Misuse case testing identifies known ways that an attacker might exploit a system and tests explicitly to see if those attacks are possible in the proposed code.

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 974). Wiley. Kindle Edition.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What type of interface testing would identify flaws in a program’s command-line interface?

A. Application programming interface testing
B. User interface testing
C. Physical interface testing
D. Security interface testing

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 695). Wiley. Kindle Edition.

A

B. User interface testing

Explanation:
User interface testing includes assessments of both graphical user interfaces (GUIs) and command-line interfaces (CLIs) for a software program.

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 974). Wiley. Kindle Edition.

17
Q

During what type of penetration test does the tester always have access to system configuration information?

A. Black box penetration test
B. White box penetration test
C. Gray box penetration test
D. Red box penetration test

A

B. White box penetration test

Explanation:
During a white box penetration test, the testers have access to detailed configuration information about the system being tested.

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 974). Wiley. Kindle Edition.

18
Q

What port is typically open on a system that runs an unencrypted HTTP server?

A. 22
B. 80
C. 143
D. 443

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (pp. 695-696). Wiley. Kindle Edition.

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 695). Wiley. Kindle Edition.

A

B. 80

Explanation:
Unencrypted HTTP communications take place over TCP port 80 by default.

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 974). Wiley. Kindle Edition.

19
Q

Which one of the following is the final step of the Fagan inspection process?

A. Inspection
B. Rework
C. Follow-up
D. None of the above

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 696). Wiley. Kindle Edition.

A

C. Follow-up

Explanation:
The Fagan inspection process concludes with the follow-up phase.

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 974). Wiley. Kindle Edition.

20
Q

What information security management task ensures that the organization’s data protection requirements are met effectively?

A. Account management
B. Backup verification
C. Log review
D. Key performance indicators

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 696). Wiley. Kindle Edition.

A

B. Backup verification

Explanation:
The backup verification process ensures that backups are running properly and thus meeting the organization’s data protection objectives.

Chapple, Mike; Stewart, James Michael; Gibson, Darril. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (p. 974). Wiley. Kindle Edition.